Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
References
Link | Resource |
---|---|
https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ | Exploit Technical Description Third Party Advisory |
https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ | Exploit Technical Description Third Party Advisory |
Configurations
History
21 Nov 2024, 06:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ - Exploit, Technical Description, Third Party Advisory |
09 Dec 2021, 14:13
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ - Exploit, Technical Description, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 8.8 |
CWE | CWE-190 | |
CPE | cpe:2.3:a:amazon:workspaces:*:*:*:*:*:*:*:* |
07 Dec 2021, 20:31
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-07 20:15
Updated : 2024-11-21 06:29
NVD link : CVE-2021-43638
Mitre link : CVE-2021-43638
CVE.ORG link : CVE-2021-43638
JSON object : View
Products Affected
amazon
- workspaces
CWE
CWE-190
Integer Overflow or Wraparound